Michael Richardson <m...@sandelman.ca> writes: > Having orange and red pieces "secured" *does* mean that u-boot updates would > have to come from openwrt.
Does it? Is it possible to modify the BL2 to verify signatures of the BL31 and BL32 stages only? If not, is it feasible to deploy an automated fip.bin signer, taking an any unverified U-Boot binary as input and building a signed fip.bin for the OpenWrt One using verified BL31 and BL32 blobs? Bjørn _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
